<%@include file="connection.jsp" %>

<%
String id=request.getParameter("usrnm_nm").toString();
String pass=request.getParameter("pwd_nm").toString();
int usertype=Integer.parseInt(request.getParameter("usertype").toString());
//out.print(id);
//out.print(pass);
int flag=0;
if(id.equals("admin") && pass.equals("admin") && usertype==2){
    flag=2;
    
}
else if (usertype==1)
{
    flag=3;
}
if(flag!=3)
{
st=con.createStatement();
rs=st.executeQuery("select sr_no,DES_DECRYPT(password),f_name from user where e_mail='"+id+"'");

while(rs.next())
       {
    if(rs.getString(2).equals(pass)) {
        session.setAttribute("sr",rs.getString(1));
        session.setAttribute("name",rs.getString(3));
        flag=1;
    }    
}
}
    if(flag==2){
        session.setAttribute("sr","admin");
        session.setAttribute("name","admin");
        response.sendRedirect("admin_home.jsp");
    }
    else if(flag==1)
    {
        response.sendRedirect("user_home.jsp");
    }
    else if(flag==3)
    {
    st=con.createStatement();
    rs=st.executeQuery("select ex_id,DES_DECRYPT(password),ex_fname from expert where e_mail='"+id+"'");
    
    while(rs.next())
    {
        if(rs.getString(2).equals(pass)) 
        {
            session.setAttribute("sr",rs.getString(1));
            session.setAttribute("name",rs.getString(3));
            flag=3;
        }    
    }
    response.sendRedirect("user_home.jsp");
}
    else{
    String msg="Invaid user name or password";
    response.sendRedirect("index.jsp?msg="+msg);
    }

%>